PHPackages bedigit/lara-recaptcha - PHPackages - PHPackages [Skip to content](#main-content)[PHPackages](/)[Directory](/)[Categories](/categories)[Trending](/trending)[Leaderboard](/leaderboard)[Changelog](/changelog)[Analyze](/analyze)[Collections](/collections)[Log in](/login)[Sign up](/register) 1. [Directory](/) 2. / 3. [Authentication & Authorization](/categories/authentication) 4. / 5. bedigit/lara-recaptcha ActiveLibrary[Authentication & Authorization](/categories/authentication) bedigit/lara-recaptcha ====================== Advanced reCAPTCHA package for Laravel 1.1.4(5y ago)06.4kMITPHPPHP ^7.2.5|^7.3 Since Mar 4Pushed 1y ago1 watchersCompare [ Source](https://github.com/mayeulak/lara-recaptcha)[ Packagist](https://packagist.org/packages/bedigit/lara-recaptcha)[ RSS](/packages/bedigit-lara-recaptcha/feed)WikiDiscussions master Synced yesterday READMEChangelogDependencies (1)Versions (7)Used By (0) Laravel reCAPTCHA v2 and v3 =========================== [](#laravel-recaptcha-v2-and-v3) Advanced and painless Google reCAPTCHA package for Laravel Available reCAPTCHA versions: - v2 Invisible - v2 Checkbox - v3 System requirements ------------------- [](#system-requirements) Package versionPHP versionLaravel versiondev-master7.2.5 or greater6.20.13 or greaterComposer -------- [](#composer) You can install the package via composer: ``` $ composer require bedigit/lara-recaptcha:^1.0 ``` Laravel 5.5 (or greater) uses package auto-discovery, so doesn't require you to manually add the Service Provider, but if you don't use auto-discovery ReCaptchaServiceProvider must be registered in `config/app.php`: ``` 'providers' => [ ... Bedigit\ReCaptcha\ReCaptchaServiceProvider::class, ]; ``` You can use the facade for shorter code. Add ReCaptcha to your aliases: ``` 'aliases' => [ ... 'ReCaptcha' => Bedigit\ReCaptcha\Facades\ReCaptcha::class, ]; ``` Configuration ------------- [](#configuration) Publish package Create `config/recaptcha.php` configuration file using the following artisan command: ``` $ php artisan vendor:publish --provider="Bedigit\ReCaptcha\ReCaptchaServiceProvider" ``` Set the environment Add your API Keys Open `.env` file and set `RECAPTCHA_SITE_KEY` and `RECAPTCHA_SECRET_KEY`: in your .env file ================= [](#in-your-env-file) ``` RECAPTCHA_SITE_KEY=YOUR_API_SITE_KEY RECAPTCHA_SECRET_KEY=YOUR_API_SECRET_KEY ``` Complete configuration Open `config/recaptcha.php` configuration file and set version: ``` return [ 'site_key' => env('RECAPTCHA_SITE_KEY', ''), 'secret_key' => env('RECAPTCHA_SECRET_KEY', ''), 'version' => 'v2', // supported: v3|v2|invisible 'skip_ip' => [], // array of IP addresses - String: dotted quad format e.g.: 127.0.0.1 'validation_route' => env('RECAPTCHA_VALIDATION_ROUTE', 'lara-recaptcha/validate'), 'token_parameter_name' => env('RECAPTCHA_TOKEN_PARAMETER_NAME', 'token') ]; ``` `site_key` and `secret_key` are reCAPTCHA keys you have to create in order to perform Google API authentication. For more information about Site Key and Secret Key please visit Google reCAPTCHA developer documentation `version` indicates the reCAPTCHA version (supported: v3|v2|invisible). Get more info about reCAPTCHA version at . `skip_ip` is a whitelist of IP addresses that, if recognized, disable the reCAPTCHA validation (return always true) and if you embed JS code in blade (view) file NO validation call will be performed. `validation_route` is the route called via javascript built-in validation script (v3 only) `token_parameter_name` is the name of "token" GET parameter sent to `validation_route` to be validated (v3 only) Reload config cache file !!! IMPORTANT !!! Every time you change some configuration run the following shell command: ``` $ php artisan config:cache ``` Have you updated? If you are migrating from an older version add `skip_ip` array in `recaptcha.php` configuration file. Customize error message Just for *v2* and *invisible* users. Before starting please add the validation message to resources/lang/\[LANG\]/validation.php file ``` return [ ... 'recaptcha' => 'The :attribute is wrong!', ]; ``` How to use v2 ============= [](#how-to-use-v2) Embed in Blade -------------- [](#embed-in-blade) Insert `recaptchaApiJsScriptTag($formId)` helper before closing `` tag. You can also use `ReCaptcha::recaptchaApiJsScriptTag($formId)`. `$formId` is required only if you are using **ReCAPTCHA INVISIBLE** ``` ... {!! recaptchaApiJsScriptTag(/* $formId - INVISIBLE version only */) !!} ``` ### ReCAPTCHA v2 Checkbox [](#recaptcha-v2-checkbox) After you have to insert `recaptchaHtmlFormSnippet()` helper inside the form where you want to use the field `g-recaptcha-response`. You can also use `ReCaptcha::recaptchaHtmlFormSnippet()` . ``` ... {!! recaptchaHtmlFormSnippet() !!} ``` ### ReCAPTCHA v2 Invisible [](#recaptcha-v2-invisible) After you have to insert `recaptchaHtmlFormButton($buttonInnerHTML)` helper inside the form where you want to use reCAPTCHA. This function creates submit button therefore you don't have to insert `` or similar. You can also use `ReCaptcha::recaptchaHtmlFormButton($buttonInnerHTML)` . `$buttonInnerHTML` is what you want to write on the submit button ``` ... {!! recaptchaHtmlFormButton(/* $buttonInnerHTML - Optional */) !!} ``` **!!!IMPORTANT!!!** Use as `$formId` the same value you previously set in `recaptchaApiJsScriptTag` function. Verify submitted data --------------------- [](#verify-submitted-data) Add **recaptcha** to your rules ``` $v = Validator::make(request()->all(), [ ... 'g-recaptcha-response' => 'recaptcha', ]); ``` Print form errors ``` $errors = $v->errors(); ``` How to use v3 ============= [](#how-to-use-v3) Embed in Blade -------------- [](#embed-in-blade-1) Insert `recaptchaApiV3JsScriptTag($config)` helper before closing `` tag. ``` > ... {!! recaptchaApiV3JsScriptTag([ 'action' => 'homepage', 'callback_then' => 'callbackThen', 'callback_catch' => 'callbackCatch' ]) !!} {!! recaptchaApiV3JsScriptTag([ 'action' => 'homepage', 'custom_validation' => 'myCustomValidation' ]) !!} ``` `$config` is required and is an associative array containing configuration parameters required for the JavaScript validation handling. The keys are: KeyRequiredDescriptionDefault value`action`nois the `action` parameter required by reCAPTCHA v3 API ([further info](https://developers.google.com/recaptcha/docs/v3))`homepage``custom_validation`nois the name of your custom callback javascript function who will override the built-in javascript validation system of this packageempty string`callback_then`no(overlooked if `custom_validation`is set) is the name of your custom callback javascript function called by the built-in javascript validation system of this package in case of response successempty string`callback_catch`no(overlooked if `custom_validation`is set) is the name of your custom callback javascript function called by the built-in javascript validation system in this package in case of response faultempty stringBuilt-in javascript validation system ------------------------------------- [](#built-in-javascript-validation-system) As callback of `grecaptcha.execute` an AJAX call to `config('recaptcha.validation_route')` will be performed using `fetch` function. In case of successful response a Promise object will be received and passed as parameter to the `callback_then` function you have set. In not set, no actions will be performed. Same will happen with `callback_catch`. `callback_catch` will be called in event of response errors and errors will pass as parameter et that function. If not set, no actions will be performed. Please, go to [Using Fetch](https://developer.mozilla.org/en-US/docs/Web/API/Fetch_API/Using_Fetch) for further information on `fetch` javascript function. > **Warning: Check browser compatibility** `fetch` function has compatibility issues with some browser like IE. Please create a custom validation function and set `custom_validation` with its name. That function has to accept as argument the `token`received from Google reCAPTCHA API. > > [Fetch browser compatibility](https://developer.mozilla.org/en-US/docs/Web/API/Fetch_API/Using_Fetch#Browser_compatibility) ### Validation Laravel route [](#validation-laravel-route) Default validation route is `config('recaptcha.validation_route', 'lara-recaptcha/validate')`. Route and relative Controller are built-in in the package. The route if filtered and protected by Laravel `web` Middleware, that's why is important you embed `csrf-token` HTML meta tag and send `X-Requested-Wit` and `X-CSRF-TOKEN` headers. You can also change the validation end-point changing `validation_route` value in `recaptcha.php` config file. ``` ... ``` ### Validation response object [](#validation-response-object) The output will be a JSON containing following data: - **Default output without errors** ``` { "action":"homepage", "challenge_ts":"2019-01-29T00:42:08Z", "hostname":"www.yourdomain.tld", "score":0.9, "success":true } ``` - **Output when calling IP is included in "skip\_ip" config whitelist** ``` { "skip_by_ip":true, "score":0.9, "success":true } ``` > If you embed code in your blade file using `recaptchaApiV3JsScriptTag` helper no validation call will be performed! - **Output with an empty response from Google reCAPTCHA API** ``` { "error":"cURL response empty", "score":0.1, "success":false } ``` In the next paragraph you can learn how handle Validation promise object ### "callback\_then" and "callback\_catch" [](#callback_then-and-callback_catch) After built-in validation you should do something. How? Using `callback_then` and `callback_catch` functions. What you have to do is just create functions and set parameters with their names. - `callback_then` must receive one argument of type `Promise`. - `callback_catch` must receive one argument of type `string` The result should be something like that: ``` ... ... function callbackThen(response){ // read HTTP status console.log(response.status); // read Promise object response.json().then(function(data){ console.log(data); }); } function callbackCatch(error){ console.error('Error:', error) } ... {!! recaptchaApiV3JsScriptTag([ 'action' => 'homepage', 'callback_then' => 'callbackThen', 'callback_catch' => 'callbackCatch' ]) !!} ``` ### "custom\_validation" function [](#custom_validation-function) As just said you can handle validation with your own function. To do that you have to write your function and set `custom_validation` parameter with its name. The result should be something like that: ``` ... ... function myCustomValidation(token) { // do something with token } ... {!! htmlScriptTagJsApiV3([ 'action' => 'homepage', 'custom_validation' => 'myCustomValidation' ]) !!} ``` License ------- [](#license) Under MIT License ### Health Score 33 — LowBetter than 75% of packages Maintenance34 Infrequent updates — may be unmaintained Popularity18 Limited adoption so far Community7 Small or concentrated contributor base Maturity59 Maturing project, gaining track record Bus Factor1 Top contributor holds 100% of commits — single point of failure How is this calculated?**Maintenance (25%)** — Last commit recency, latest release date, and issue-to-star ratio. Uses a 2-year decay window. **Popularity (30%)** — Total and monthly downloads, GitHub stars, and forks. Logarithmic scaling prevents top-heavy scores. **Community (15%)** — Contributors, dependents, forks, watchers, and maintainers. Measures real ecosystem engagement. **Maturity (30%)** — Project age, version count, PHP version support, and release stability. ### Release Activity Cadence Every ~138 days Recently: every ~98 days Total 6 Last Release 1932d ago PHP version history (4 changes)1.0PHP ^7.1 1.1.1PHP ^7.2.5 1.1.2PHP ^7.3 1.1.3PHP ^7.2.5|^7.3 ### Community Maintainers ![](https://www.gravatar.com/avatar/18219ef70f553fa7ac6c0ac677ac822de33271fe82e7bf5d260ff1afff7e2a42?d=identicon)[bedigit](/maintainers/bedigit) --- Top Contributors [![mayeulak](https://avatars.githubusercontent.com/u/19293023?v=4)](https://github.com/mayeulak "mayeulak (8 commits)") ### Embed Badge ![Health badge](/badges/bedigit-lara-recaptcha/health.svg) ``` [![Health](https://phpackages.com/badges/bedigit-lara-recaptcha/health.svg)](https://phpackages.com/packages/bedigit-lara-recaptcha) ``` ### Alternatives [lab404/laravel-impersonate Laravel Impersonate is a plugin that allows to you to authenticate as your users. 2.3k16.4M48](/packages/lab404-laravel-impersonate)[santigarcor/laratrust This package provides a flexible way to add Role-based Permissions to Laravel 2.3k5.4M43](/packages/santigarcor-laratrust)[overtrue/laravel-follow User follow unfollow system for Laravel. 1.2k404.7k5](/packages/overtrue-laravel-follow)[codegreencreative/laravel-samlidp Make your PHP Laravel application an Identification Provider using SAML 2.0. This package allows you to implement your own Identification Provider (idP) using the SAML 2.0 standard to be used with supporting SAML 2.0 Service Providers (SP). 263763.5k1](/packages/codegreencreative-laravel-samlidp) PHPackages © 2026 [Directory](/)[Categories](/categories)[Trending](/trending)[Changelog](/changelog)[Analyze](/analyze)